57 matches found
EUVD-2021-7625
Malicious code in bioql PyPI...
EUVD-2021-7626
Malicious code in bioql PyPI...
EUVD-2021-7627
Malicious code in bioql PyPI...
EUVD-2021-7628
Malicious code in bioql PyPI...
CVE-2021-20167
Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. The readycloud cgi application is vulnerable to command injection in the name parameter...
CVE-2021-20169
Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. By default, all communication to/from the device is sent via HTTP, which causes potentially sensitive information such as usernames and passwords to be transmitted in cleartext...
CVE-2021-20166
Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the applicaiton...
CVE-2021-20168
Netgear RAX43 version 1.0.3.96 does not have sufficient protections to the UART interface. A malicious actor with physical access to the device is able to connect to the UART port via a serial connection, login with default credentials, and execute commands as the root user. These default...
CVE-2021-20171
Netgear RAX43 version 1.0.3.96 stores sensitive information in plaintext. All usernames and passwords for the device's associated services are stored in plaintext on the device. For example, the admin password is stored in plaintext in the primary configuration file on the device...
VulnCheck KEV: CVE-2021-20166
Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the applicaiton...
VulnCheck KEV: CVE-2021-20167
Netgear RAX43 version 1.0.3.96 contains a command injection vulnerability. The readycloud cgi application is vulnerable to command injection in the name parameter...
Netgear RAX43 Buffer Overflow Vulnerability
The Netgear RAX43 is a router from the American company Netgear. A hardware device that connects two or more networks and acts as a gateway between them. A buffer overflow vulnerability exists in Netgear RAX43 version 1.0.3.96. The vulnerability is caused by the URL parsing functionality of the...
Unspecified Vulnerability in Netgear RAX43
The Netgear RAX43 is a wireless router from Netgear USA. A security vulnerability exists in the Netgear RAX43 that stems from storing sensitive information in plaintext. All usernames and passwords for device-related services are stored on the device in plaintext. No details of the vulnerability...
Netgear RAX43 has an unspecified vulnerability (CNVD-2022-02648)
Netgear RAX43 is a wireless router from Netgear USA.A security vulnerability exists in Netgear RAX43, which stems from the use of hard-coded credentials. Because the configuration backup is encrypted, it appears that an ordinary user is not intended to be able to manipulate the configuration...
Netgear RAX43 has an unspecified vulnerability (CNVD-2022-02661)
The Netgear RAX43 is a wireless router from Netgear, Inc. A security vulnerability exists in the Netgear RAX43, which stems from insufficient protection of the UART interface. A malicious actor with physical access to the device is able to connect to the UART port via a serial connection, log in...
Netgear RAX43 has an unspecified vulnerability (CNVD-2022-02647)
A security vulnerability exists in the Netgear RAX43, a wireless router from Netgear, which stems from the non-use of secure communication with the web interface. By default, all communication to and from the device is sent over HTTP, which can result in potentially sensitive information such as...
Netgear RAX43 Command Injection Vulnerability
Netgear RAX43 is a wireless router from Netgear, Inc. A command injection vulnerability exists in Netgear RAX43, which stems from the inclusion of a command injection vulnerability. The readycloud cgi application is vulnerable to command injection in the name parameter. No details of the...
CVE-2021-20170
Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted. This encryption is accomplished via a password-protected zip file with a hardcoded password...
CVE-2021-20166
Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the applicaiton...
CVE-2021-20170
Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal users are intended to be able to manipulate configuration backups due to the fact that they are encrypted. This encryption is accomplished via a password-protected zip file with a hardcoded password...